package com.qianfeng.smartmetting.config;



import com.qianfeng.smartmetting.authiority.JwtAuthenticationFilter;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Configuration;

//import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
//import org.springframework.security.config.annotation.web.builders.HttpSecurity;
//
//import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
//
//import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
import org.springframework.transaction.annotation.EnableTransactionManagement;

@Configuration
@EnableTransactionManagement
@EnableGlobalMethodSecurity(prePostEnabled = true)
//权限，认证的配置
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {

    @Autowired
    private UserDetailsService service;

    @Override
    public void configure(HttpSecurity http) throws Exception {

        //url过滤器 ，如果有需要不经过身份验证就可以访问的，在这里面进行配置
        //antMatchers 配置 过滤url 的 方式
        http.authorizeRequests()
                .antMatchers("/user/login","/user/add","/file/upload").permitAll() // 匿名登录
                .anyRequest().authenticated()
                .and()
                .formLogin().loginPage("/login").permitAll()//设置自定义登录页
                .successForwardUrl("/success") //登录成功后跳转的页面
                .failureForwardUrl("/failure")   //登录失败后跳转页面
                .usernameParameter("myusername")//自定义配置用户名参数 仅限于登录
                .passwordParameter("mypassword")//自定义配置密码参数 仅限于登录
                .successHandler(new MyAuthenticationSuccessHandler())  //自定义认证成功
                .failureHandler(new MyAuthenticationFailureHandler())// 自定义认证失败
                .and()
                .logout().permitAll().logoutSuccessHandler(new MyLogoutSuccessHandler())//自定义登出成功.
                .and()
                .exceptionHandling().authenticationEntryPoint(new MyAuthenticationEntryPoint())
                .and()
                .addFilterAfter(new JwtAuthenticationFilter(service), UsernamePasswordAuthenticationFilter.class)
                .csrf().disable();



    }


//        @Bean
//    public UserDetailsService userDetailsService() {
//        //内存用户信息管理
//        InMemoryUserDetailsManager manager = new InMemoryUserDetailsManager();
//        //创建用户，并将用户放入管理器中进行管理
//        manager.createUser(User.withDefaultPasswordEncoder()
//                .username("user")
//                .password("password")
//                .roles("USER")
//                .build());
//        return manager;
//    }

    //当DBUserDetailsManager 注册到Spring 之后 ，可以 不写
//    @Bean
//    public UserDetailsService userDetailsService() {
//        DBUserDetailsManager manager = new DBUserDetailsManager();
//        return manager;
//    }

}
